Application Penetration Testing

Overview

An Application Penetration Test (aka, pentest) is a method of evaluating the security posture of an application(web or mobile) by simulating an attack from malicious outsiders who would not otherwise have authorized access. Identified vulnerabilities such as Cross-Site Scripting (XSS), SQL Injection and Cross-Site Request Forgery (CSRF) are documented and exploited in an effort to determine whether unauthorized access of malicious activity is actually possible.

The overall goal of an Application Penetration Test is to identify vulnerabilities in web applications, document them, validate them through exploitation, apply risk ratings and formally document the results in a report combined with appropriate recommendations for remediation. Rigo Technology uses the industry standard methodology for testing, reporting and remediation laid out by the Open Web Application Security Project (OWASP) Top 10 Risks. And also we have our own Testing Check-list to verify the different vulnerabilities.

Deliverables

The whole process of application penetration testing will be manual which will give you 0% false positive report. Besides that a comprehensive report detailing the findings, risk ratings, recommendations, methodology, tools, evidence and screen-shots will be provided.